1. kalvin

    I think another way to check if the site is infected is if it’s listed in any major DNSBLs, for example if I ping your site, then take the IP then check in mulitple DNBLs it comes out clean http://ip-address-lookup-v4.com/ip/ , the DNSBL stands for DNS-blacklist!

  2. I subscribed last night to try out their service on a malware hit WordPress site and they clean it up in 30 minutes, would have taken me a lot longer manually! Very impressed, recommended.

  3. I’ve had to clean out quite a few infected sites. They’re a pain in the neck, but it’s really not that hard. The main trick is to (A) know what caused the infection (to prevent it happening again) and (B) have backups.

    Most people with struggle with both of those and so services like Sucuri are ideal.

  4. @kalvin – the only issue with that is if you have haven’t been blacklisted. The idea is to catch it before you do right? :)

    @simon – That’s really awesome. Glad it worked out so well for you. Not always that clean cut, but we do resolve 70% of tickets within 3 hours..:)

    @Ryan – You hit the nail on the head. I would say backups are the most important. While knowing how it happened, it can be a challenge when working with 100’s if not 1,000’s of sites. Easy to do it for a few sites if you own the servers and associated sites. I would say more importantly its ensuring you’re practicing good webmaster techniques when managing your server. I would also say that finding all back-doors, whether related to the infection or not, is going to take you a long way. :)

    By far one of the biggest contributors we are seeing are related to this: http://blog.sucuri.net/2012/03/a-little-tale-about-website-cross-contamination.html

    Perfect example was here: http://blog.sucuri.net/2012/03/website-cross-contamination-blackhat-seo-spam-malware.html

Comments are closed.